March 17, 2010 -- Palo Alto, CA -- Voltage Security, Inc. the global leader in end-to-end data protection, today announced that Fifth Third Processing Solutions, the fourth largest merchant purchase transaction acquirer in the world, will offer Voltage-powered end-to-end encryption and tokenization to its merchant network of over 180,000 merchant locations including hundreds of PCI Level 1 merchants. Fifth Third Processing Solutions will integrate Voltage SecureData Payments™, a version of its industry-leading end-to-end encryption solution specifically tuned for merchants and payment processors, into its payment processing solution and make it available throughout its merchant network.

Voltage SecureData Payments extends data protection from card swipe to card brand hand-off, covering the critical endpoints of the payment stream. This means encryption and protection now covers authorization and settlement at card swipe and post-settlement business processes at the merchant and/or payment processor location.“The multiple benefits of Voltage end-to-end encryption make it the natural choice for large payment processors such as Fifth Third Processing Solutions. We can scale quickly to meet their needs and integrate seamlessly with various data processing configurations, reducing audit scope and offering outstanding data protection at a greatly reduced cost as compared to other approaches,” said Sathvik Krishnamurthy, president and CEO of Voltage Security.“We are committed to providing our merchant partners with the most secure payment processing solutions available,” said Bob Bartlett, CIO at Fifth Third Processing Solutions. “This end-to-end encryption solution offers an extremely comprehensive and useful approach to data protection.”

o Critical Endpoints of Payment Stream Now Protected In most existing payment systems, credit card data is left unprotected during the authorization and settlement processes that immediately start upon card swipe or some other point of entry. At the back end of the payment stream, cardholder data is often left unprotected during routine business processes such as processing for loyalty programs, charge-backs or repetitive payments. All too often data breaches can happen when card holder data is left unprotected at these critical endpoints of the payment stream. Now, with Voltage SecureData Payments, cardholder data is protected at these endpoints and as it flows throughout the payment stream. Voltage uses the Identity-Based Key Encapsulation and Encryption Protocol (IBKEEP) to transmit data across the various end-points without the need for decrypting and re-encryption. o Innovation in cryptography provides end-to-end encryption without massive IT system changes Voltage end-to-end encryption features an innovative cryptography approach called Format-Preserving Encryption or FPE. With Voltage FPE, credit card numbers and other types of structured information are protected without the need to change format or structure. This means that changes to existing IT systems, such as databases and business applications, are dramatically reduced resulting in reduced PCI audit costs, rapid implementation and the lowest ongoing operational cost. o Simplified Key Management Eliminates Need for Laborious Key Injection With point-of-sale (POS) solutions that use legacy symmetric encryption, encryption keys must be reset annually for each POS device through a process called key injection. This procedure is expensive and cumbersome for merchants as they must take POS devices offline and ship them back to a secure facility for new keys. Now POS devices enabled with Voltage’s end-to-end encryption operate using simplified key management which does away with any need to inject keys. With the Voltage approach, based on the IBKEEP protocol discussed above, encryption keys can be changed and rotated as needed and transparently, without impact to the underlying data or processes. o Easy Integration with Voltage SecureData Enterprise to Extend Data Protection Throughout Organization Now merchants and payment processors can easily extend their data protection efforts to other types of customer and employee data by integrating Voltage SecureData Payments with Voltage SecureData Enterprise. The use of common underlying architectures for end-to-end encryption and tokenization for both solutions enables easy extensibility throughout the enterprise to protect all types of private information, to reduce audit scope and to reduce costs associated with potential data breaches. o Voltage SecureData Payments Compatibility with Host Systems and Wide Variety of POS Platforms Voltage SecureData Payments provides native operation on a wide variety of merchant or payment processor host systems including mainframes, mid-range computer systems or open/cloud based-systems. In addition, easy connections can be implemented across a variety of POS devices including electronic cash registers and ecommerce payment platforms enabled with the previously announced Voltage SecureData POS software development kit (SDK).

The entire Voltage SecureData suite of solutions is available today and includes:

o Voltage SecureData Payments for payment processors and merchants for protecting payment, settlement and authorization data. o Voltage SecureData Payments POS SDK for POS, ECR, mobile device manufacturers and ecommerce payment platform providers, enabling the protection of data at the point of card capture. o Voltage SecureData Enterprise designed to protect all types of structured and unstructured data such as social security numbers, driver’s license as well as cardholder data using end-to-end encryption and tokenization